Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/096AF3A6FD9411EFB83E965EC4F9AE02.roa
File: 096AF3A6FD9411EFB83E965EC4F9AE02.roa (raw, json)
Hash identifier: HJwkVHQmdO7i+QECLrTlmSDBRE3LWzo0P0BXtzW4ElQ=
Subject key identifier: 9D:EB:24:A2:B1:8E:23:EA:8C:AE:CF:17:59:5A:88:5F:79:E5:83:CB
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4A00
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/096AF3A6FD9411EFB83E965EC4F9AE02.roa
Signing time: Mon 10 Mar 2025 09:42:53 +0000
ROA not before: Mon 10 Mar 2025 09:42:53 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 140750
IP address blocks: 103.155.78.0/23 maxlen: 24
2001:df4:bc80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18944 (0x4a00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Mar 10 09:42:53 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67ceb41c-86c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:20:43:9a:38:6f:f9:84:2c:a2:c6:7d:4c:58:
e5:98:33:c3:be:6b:77:20:c6:c9:23:f7:8d:dd:47:
5a:b7:75:87:65:6f:bd:79:83:4f:40:a2:96:9f:73:
43:f4:52:75:cb:06:b4:ba:aa:6e:1f:3c:de:71:2c:
7b:38:4d:25:2d:dd:09:d7:8a:a9:4f:52:13:a3:5b:
4e:9f:a9:25:9c:e3:3a:7a:f4:ac:78:d4:bd:53:70:
d5:31:af:a7:8a:8a:57:ad:4b:34:6f:09:b6:be:4b:
54:87:b1:d5:aa:62:41:99:75:95:57:51:db:da:78:
32:c4:28:10:21:78:e0:bd:8a:66:fb:38:56:a2:49:
98:84:ec:47:7b:b6:fc:71:d2:73:ea:d2:55:18:c7:
b3:38:48:3b:8a:1a:13:be:dd:aa:fd:1b:49:ec:ed:
bd:9d:a7:ab:bc:2e:b5:e4:c4:cf:b5:8d:9d:59:51:
14:c3:50:1c:a7:73:6d:f1:aa:77:1f:ba:3a:f3:e6:
11:71:09:ca:b0:6c:8f:af:43:ba:f9:28:1b:64:67:
67:1c:08:53:48:35:ab:b3:3d:98:04:6c:21:af:db:
6a:df:5f:b8:8f:26:f2:a3:82:ca:f1:e9:8a:9b:e8:
2a:5d:e0:08:81:c9:1f:d0:7d:99:f8:76:eb:46:64:
75:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:EB:24:A2:B1:8E:23:EA:8C:AE:CF:17:59:5A:88:5F:79:E5:83:CB
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/096AF3A6FD9411EFB83E965EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.155.78.0/23
IPv6:
2001:df4:bc80::/48
Signature Algorithm: sha256WithRSAEncryption
3e:2c:f3:bf:c3:0f:d0:dd:ad:dc:b7:cc:c3:df:ad:58:4c:57:
94:a9:a9:14:d8:26:2c:5f:19:11:d3:02:b3:78:f1:84:ca:6c:
2c:c2:3b:0d:0f:0b:ba:8d:4a:cf:ab:13:1d:5d:b1:c8:6c:29:
1e:e0:20:0f:d8:92:65:e1:9f:0e:d6:bd:1f:f9:82:d5:2a:ec:
ec:5a:b9:62:12:25:bd:b5:e4:9c:19:77:69:fb:1e:1e:26:95:
c9:c3:2b:4d:f5:76:92:39:d7:32:34:d8:98:1d:5c:96:8d:aa:
19:fc:08:bc:9d:0e:71:fc:4d:49:ba:d1:53:6d:f2:bc:30:4e:
33:af:f7:cc:07:29:f0:9b:2d:74:ad:48:75:52:34:70:79:e5:
a3:a0:9d:04:72:16:74:f7:f2:9a:1b:48:9d:26:8c:a9:db:1f:
30:a2:8d:a2:87:03:86:e7:74:4a:58:14:4c:58:89:8e:da:22:
8f:6f:3b:be:30:97:3b:f2:b4:e5:9c:c8:01:eb:a6:a5:0a:52:
a7:40:78:b9:89:4b:ed:3b:81:9d:69:94:7a:80:23:6c:03:ff:
c4:37:cf:dd:dd:cb:f4:e4:3c:30:09:3a:26:96:ca:0f:57:e1:
98:38:65:41:e1:dd:95:58:34:b6:d0:de:7b:22:80:dd:80:fa:
fb:da:b2:0b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICSgAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwMzEwMDk0MjUzWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NlYjQxYy04NmM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2iBDmjhv+YQsosZ9TFjlmDPDvmt3IMbJI/eN3Udat3WHZW+9eYNPQKKWn3ND
9FJ1ywa0uqpuHzzecSx7OE0lLd0J14qpT1ITo1tOn6klnOM6evSseNS9U3DVMa+n
iopXrUs0bwm2vktUh7HVqmJBmXWVV1Hb2ngyxCgQIXjgvYpm+zhWokmYhOxHe7b8
cdJz6tJVGMezOEg7ihoTvt2q/RtJ7O29naervC615MTPtY2dWVEUw1Acp3Nt8ap3
H7o68+YRcQnKsGyPr0O6+SgbZGdnHAhTSDWrsz2YBGwhr9tq31+4jybyo4LK8emK
m+gqXeAIgckf0H2Z+HbrRmR1MQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFJ3rJKKx
jiPqjK7PF1laiF955YPLMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvMDk2QUYzQTZG
RDk0MTFFRkI4M0U5NjVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnm04wDwQCAAIwCQMHACABDfS8gDANBgkqhkiG9w0BAQsF
AAOCAQEAPizzv8MP0N2t3LfMw9+tWExXlKmpFNgmLF8ZEdMCs3jxhMpsLMI7DQ8L
uo1Kz6sTHV2xyGwpHuAgD9iSZeGfDta9H/mC1Srs7Fq5YhIlvbXknBl3afseHiaV
ycMrTfV2kjnXMjTYmB1clo2qGfwIvJ0OcfxNSbrRU23yvDBOM6/3zAcp8JstdK1I
dVI0cHnlo6CdBHIWdPfymhtInSaMqdsfMKKNoocDhud0SlgUTFiJjtoij287vjCX
O/K05ZzIAeumpQpSp0B4uYlL7TuBnWmUeoAjbAP/xDfP3d3L9OQ8MAk6JpbKD1fh
mDhlQeHdlVg0ttDeeyKA3YD6+9qyCw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:19:30 2025 by rpki-client